US and UK authorities have said Iran is conducting an “ongoing” campaign of ransomware and other cyber attacks on US critical infrastructure and Australian organisations that began in March.
In a joint statement, the FBI and the Cybersecurity and Infrastructure Security Agency together with the UK and Australian cyber security centres said that Iranian government-sponsored hackers had been “actively targeting a broad range of victims across multiple US critical infrastructure sectors, including the transportation sector and the healthcare and public health sector”.
The hackers have been exploiting a bug in software from security group Fortinet and a flaw in Microsoft email software that was first discovered by Chinese hackers to deploy ransomware, steal data, or extort victims, the agencies said.